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Background -- Field of Invention 



This invention relates to creating and verifying between computers and on computer networks 
electronic signatures for electronic documents, filings and transaction records. 
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Background - Description of Prior Art 

An electronic document, legal filing or record of an electronic commercial transaction requires a 
way to authenticate the parties. Because handwritten signatures on paper have performed the 
authentication function traditionally, and electronic documents do not allow for a similar method 
of authentication, electronic substitutes must be found. 

Until now, two principally different systems have been devised for "signing" electronic 
documents, but each has one or more significant drawbacks. 

One such system, based upon the invention shown in U.S. Pat. 4,405,829 to Rivest et al. (1983) 
uses client-side digital signatures and certificates created through the technology of "asymmetric 
encryption." Electronic communications are signed with the private key, in a two step process. 
First a digest of a message is created with a one way hash function, and then the hash function is 
encrypted using the private key. The authenticity of the message and its contents can be verified 
by a recipient as being authentic and sent from the signing party through testing of the message 
using the public key. Either an altered message or fraudulent sender will be detected by a 
computer possessing the proper software, the public key, and the digital certificate of the signer. 
If the message has been altered or the signer did not use the proper private key, the verification 
will fail. This method is useful for electronic authentication. 

For additional security in authentications, certification authorities typically identify the key 
holders and issue certificates to verify that they belong to the party who is identified as the 
holder of the key pair. They maintain lists of active and revoked certificates for use by relying 
third parties. Determination of authentication requires not only a check of the digital signature on 
the message, but also of the status of the certificate identifying the signer, which involves 
accessing the certificate authority and knowing how to check the lists of revoked and suspended 
certificates. The investment to create and operate a certification authority is considerable. 
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Private keys are susceptible to theft from the computers or devices where they are stored, and 
when stolen, can be used to commit fraud with virtually no detection until the certificate of the 
user is revoked by the certification authority with respect to that particular corresponding public 
and private key pair. Private keys can also be compromised by sharing the passwords used to 
access them. It is often inconvenient to install the keys and certificates on individual desktop or 
laptop machines, or to replace them in the event of suspected compromise or upon the 
certificate's expiration. 

The creation and maintenance of the certification authority infrastructure requires a massive 
investment in equipment and personnel that results in a relatively high cost to the end user where 
suitable means are adopted by the certification authority to verify the true identity of a holder of 
a private key before issuance of a digital certificate to the alleged owner of the key. 

PenOp, U.S. Pat. No. 5,554,255(1994), and continuation serial number 298,991, U.S. Patent 
5,647,017 (1997) and related patents cited therein, adopts a completely different approach to 
electronic signatures. It uses digital drawing tablets on client machines as a basis for digitally 
capturing a handwritten signature, and then through software stores certain signature 
characteristics which identify the dynamic movements of the writer's hand as it moves the stylus 
on the tablet during signature creation, in addition to the image of the signature on the tablet. 
This stored information is then compared to a subsequently generated signature to determine if 
the signature is authentic. If a hash function is captured, digested, and linked to the document, 
this approach, like the "digital signature" approach of "asymmetric encryption" can determine 
any changes that have been made to the document since the signature was applied. 

This "dynamic signature" approach avoids the massive infrastructure of the "public key 
encryption" certification authorities, and the problem of conflicting legal regimes applicable to 
electronic signing of documents in an international or multi-jurisdictional setting, but it requires 
the provision of a digital drawing tablet and stylus at each computer workstation where signature 
is to be accomplished, as well as the related software, which can be a significant system-wide 
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item of cost. In addition, traditional forensic analysis applicable to handwritten signatures does 
not yet apply to electronic signature analysis, and it may be some time, if ever, before the legal 
forensic community becomes adept at dynamic signature handwriting analysis. Because there is 
no way at present for expert analysis of dynamic signatures, the ability to authenticate signatures 
is arguable at best. 

Objects and Advantages 

Accordingly, several objects and advantages of the invention are to provide a new type of 
electronic signature that does not depend upon the extensive certification authority infrastructure 
of digital signatures on multiple client machines based on asymmetric encryption or the 
hardware and software investment of dynamic signatures; further that it uses only a signature key 
of a server computer rather than many signature keys of many client computers, further that it 
can automatically incorporate authentication information about the signer and generate and affix 
a date and time parameter taken from the server's clock as further evidence of identity 
authentication at the time of the signature; further that it protects a single key from 
vulnerabilities through repeated use; further that it eliminates the need for development of a 
discipline that does not yet exist, namely, the forensic science of electronic handwriting analysis; 
and that further allows for the use by incorporation of many types of authentication into its 
system, as well as others that may emerge in the future. 

Still further objects and advantages will become apparent from a consideration of the ensuing 
description and accompanying drawings. 

Summary 

In accordance with the present invention, an electronic signature program is described for the 
creation, monitoring, and verification of an electronic signature generated by the interaction 
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between two computers, one a client and the other a server, for the signing of documents, filings 
or transaction records without the need for an expensive and massive infrastructure of 
certification authorities and the complexities of installing and using digital certificates, without 
generating conflicts between applicable legal regimes in an international or multi-jurisdictional 
setting over regulation of the export of encryption software, and/or without requiring hardware 
tablets and associated computer software. This system further is able to incorporate other 
existing technologies of prior art designed to authenticate users to a server computer and ones 
not yet available or existing. 

Drawing Figures 

Fig. 1 shows authentication as a means of access by a web browser to a web server. Only certain 
transactions may require authentication confirmation. 

Fig. 2 shows a web server that "parses" or separates out for storage textual information or binary 
files transmitted by a web form page. 

Fig. 3 shows the creation of the signature from submitted information and the system clock. 

Fig. 4 is a representation of the machine process whereby the computer signs with the server's 
private key and wraps it in a digital wrapper, and 

Fig. 5 is a representation of a web page as shown to the user which contains the signature button 
and statement of intent for signing the document. 

Description - Figs. 1 to 5 

The electronic signature is affixed between computers over the Internet. Figure 1 depicts the 
initial contact between an Internet client user and an Internet server. This is accomplished by an 
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ordinary web browser. Users are identified. A method for authenticating users allows the 
additional option to screen out unauthorized users (fig. 1, no. 12). To access the signature device, 
users must pass the authentication gateway. Where unauthorized users are excluded, many 
different systems of screening out unauthorized computer users can be utilized, including but not 
limited to digital certificates to users from trusted third parties, previously issued passwords, 
stored and verifiable dynamic signatures, credit card authorizations, retinal scans and other 
authentication methods, without limitation. Unless the system is open to all users, unauthorized 
users are rejected by the system using the authentication system. If the system is open, then 
authentication confirmation is not required, and all users are permitted to create electronic 
signatures, using their asserted names as identifiers without an identity check. 

Information is collected from the users as shown in figure 2, (no. 14). It is transmitted for the 
purpose of (no. 15), parsing (separating out discrete information supplied by the user upon 
submission of a web page form that is specific to and may upload a filing, document or 
transaction)(no. 16) and storage of the information by the server computer (no. 17). 

Creation of the signature is depicted in figure 3. In the preferred embodiment, the server has 
captured the unique network element parameter of a signer, and where available, a credit card 
authorization number from a card processor. Where authentication on the basis of stored identity 
criteria, such as a digital certificate, username and password, or biometrics is involved, 
alphanumeric elements, appropriate symbols or abbreviations can be used to represent these. 
Other user identifier elements are known to those skilled in the art and may include a legacy 
application that has developed a user identifier system. Information from the user elements (no. 
18) are combined with the date-time parameters of the server's system clock (no. 19) to create a 
signature transaction record with a Globally Unique Identifier (GUID) derived from the blend of 
the components through message digesting, (no. 20). This combination also permits the server's 
date and time to be incorporated under the signature. 
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Figure 4 demonstrates how the GUID is used to encapsulate the digital signature of the server 
computer. An active X (com) object or other applications programming interface (API)(no. 23) 
at the Internet server communicates with the signature program of the Internet server to hash and 
sign the information (no. 22) to be contained under the signature (no. 21) with the server's 
private key. Encapsulation consists of symmetrically encrypting a detached digital signature's 
value, using the GUID or component of it as the password or seed (no. 24). Once the signature is 
thus digitally wrapped, it constitutes signature transaction meta-data that is stored and included 
in an automatically generated email message (no. 25). It is sent to the user at the email address 
that the user self-reported to the Internet server initially. 

To verify a signed document, it is resubmitted to the server, where the symmetrically encrypted 
version of the digital signature is decrypted by recreating the symmetric key from the signature 
transaction record components, and applying it, and then normal verification on the basis of the 
server's public key is invoked. 

The encrypted digital signature ensures that the information included as the basis for the 
symmetric key, including signature transaction record particulars, date and time values, and 
electronic signature cannot be altered after the fact without such change being detectable through 
software upon verification. 

The preferred embodiment also enables signer-supplied form submission data to be inserted into 
appropriate locations in a transaction template to be signed as part of a completed document, 
which may include standard terms applicable to the class of transactions. This enables 
standardized contracts and clauses to be included in legally binding contracts. The template may 
simply be a blank (structure only) document, to be filled in completely by the user, or it also may 
include "boilerplate", meaning standardized language that is intended to remain in the document. 
Boilerplate is commonly associated with legal, financial, real estate and mortgage phrases and 
provisions that are intended as inalterable in the document finalization and signature process. For 
example, it can include standard terms for purchase orders. For example, it can include notices 
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and averments to governmental regulatory bodies. For example, it can include electronic credit 
card charge slips. By putting the boilerplate terms and conditions at the server and incorporating 
them as a template that cannot be modified by a signer, unauthorized pre-signature modifications 
are prevented. For example, in an extreme example, the template located on the server consists 
completely or almost entirely of boilerplate language that the signer is expected to accept and 
sign or reject without adding, modifying or inserting any information specific to the signer or 
transaction. For example, the transaction template may be used to generate an envelope for the 
transmission and routing of one or more documents or files that are embedded into the envelope. 
Any of the documents and files with a potential to be embedded in or attached to an envelope can 
also be signed using this invention. 

As one skilled in the art can appreciate, signature transaction data or a pointer to it may appear in 
the document, in a database record, in a cookie on a client user's machine or as part of the signed 
file information. The template can also include formatting and structuring information so that the 
relying party receives a document that can be read using commercially available proprietary 
programs and methods. For example, the relying party may want to have the transaction in a 
word processing format. For example, the relying party may want to have the document include 
mark up tags common to and from such programs and languages as Hypertext Mark Up 
Language (HTML), Rich Text Format (RTF), Standard General Markup Language (SGML) or 
Extensible Markup Language (XML), and commonly used word processing formats. For 
example, the relying party may want to have a particular stylesheet associated with a document 
to preserve its layout as well as text and require the signer to sign this presentation formatting as 
well. By putting the templates and encryption keys on the server, and exposing the methods and 
properties of signature applications at the server, inconveniences caused by the complexities of 
using keys and certificates, and incompatibilities between operating systems and environments of 
the various signers' and relying parties' computers are also avoided. 

Return of signature transaction information to the individual who signed the information in an 
email message serves as a receipt and proof from the server of a valid signature transaction. Such 
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a proof of transaction can be asymmetrically signed by the server, providing inalterable proof 
successful signature verification as of a particular time. 

Figure 5 depicts the mechanism for actually invoking the signature device, as viewed by the user. 
A simple button (no. 26) is clicked by the user, coupled with a clear warning (no. 27) of the 
consequences of clicking the signature button. Once the button is clicked, the electronic 
signature feature is enabled. This feature assures relying parties of the intent of the signer. Other 
means of user interaction with a machine besides the clicking of a button will be evident to one 
skilled in the art, and may include by way of examples a voice activated command, the pressing 
of a button on a keyboard, the use of a stylus or a finger on a screen, manipulation of an image or 
icon, or a button on the remote control device for a television. 

If the email receipt containing the proof of signature is received by the signer, that individual 
optionally may be required to countersign the receipt digitally (preferably using asymmetric 
encryption) and then to return the resigned message back to the server computer for storage and 
as further proof of receipt and authentication. This receipt at the server computer proves that the 
user actually received the electronically signed message, and the digital signature can be stored 
at the server as a further guarantee of message authenticity. As one skilled in the art will realize, 
the example of email transmission is one of many possible ways of transmitting the signed proof 
of signature from the server to its destination. Other examples include the saving of a web page 
of information directly from a browser to a hard drive, or the downloading of a document from 
one machine to another, or transmission via HTTP and XML. 

Conclusions, Ramifications, and Scope 

Accordingly, it can be seen that the above system allows client computer users to sign electronic 
documents, filings and transaction records submitted to a server computer as though with pen 
and ink on paper, without any additional hardware or software apart from an Internet web 
browser. The signature program reduces the need for a massive infrastructure investment of 
certification authorities by relying solely upon the digital certificate of the server computer, 
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without any similar requirement that the signing party obtain a separate digital certificate, unless 
optionally required for receipt signing purposes. The method is able to make use of other current 
and future technologies for computer user authentication systems, and is suited for the Internet 
and other computer networks. The use of a second encryption layer has a further advantage of 
protecting the private key. Without the symmetric digital wrapper that changed with each signer 
transaction, an attacker might be able to deduce the private key attributes from an examination of 
a myriad of signatures and hash values. The symmetrically encrypted signature value also can 
serve to protect the underlying asymmetric signature at a future time when a factoring attack on 
asymmetric signatures by significantly more powerful computers may become computationally 
feasible. The symmetric encryption of the returned asymmetric signature value serves to shield 
the asymmetric private key from a factoring attack as the symmetric enciphering wrapper cloaks 
the asymmetric signature value, hiding it from the attacker. 

Although the description above contains much specificity, this should not be construed as 
limiting the scope of the invention but as merely providing illustrations of some of the presently 
preferred embodiments of this invention. Various other embodiments and ramifications are 
possible within its scope. Modification within the spirit of the invention will also be apparent to 
those skilled in the art. For example, other unique system information of the server can be used 
in addition to the system clock to generate a signature transaction record, all or parts of which 
may also be encrypted. For example, copies of a single asymmetric key may be distributed 
among several different servers, or a single server may have a number of different asymmetric 
keys for use by each of various assigned individuals, entities or groups. For example, signers 
may be authenticated by trusted third party assertions. For example, a message digest generated 
during signature may be encrypted only using a symmetric key, rather than an asymmetric key, 
bypassing a second encryption step. Alternatively, the symmetric encryption of the message 
digest may precede the asymmetric encryption, allowing the asymmetric encryption to act as a 
digital wrapper for the symmetric encryption. For example, electronic processes may sign as 
client users on behalf of individuals or entities. For example, enveloped or enveloping digital 
signatures may be generated using this invention in addition to detached digital signatures. 
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Thus the scope of the invention should be determined by the appended claims and their legal 
equivalents, rather than by the examples given. 



Very respectfully, 
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